r18307 - in /packages/unstable/nautilus-python/debian: changelog patches/50_CVE-2009-0317.patch
joss at users.alioth.debian.org
joss at users.alioth.debian.org
Mon Feb 2 09:24:59 UTC 2009
Author: joss
Date: Mon Feb 2 09:24:59 2009
New Revision: 18307
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=18307
Log:
* Non-maintainer upload.
* Fix CVE-2009-0317: untrusted search path vulnerability.
+ Added patch: 50_CVE-2009-0317.patch
+ Closes: #513419
* Urgency high for fixing a security RC bug.
Added:
packages/unstable/nautilus-python/debian/patches/50_CVE-2009-0317.patch
Modified:
packages/unstable/nautilus-python/debian/changelog
Modified: packages/unstable/nautilus-python/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/nautilus-python/debian/changelog?rev=18307&op=diff
==============================================================================
--- packages/unstable/nautilus-python/debian/changelog (original)
+++ packages/unstable/nautilus-python/debian/changelog Mon Feb 2 09:24:59 2009
@@ -8,6 +8,16 @@
* Acknowledge NMU, thanks Evgeni Golov.
-- Loic Minier <lool at dooz.org> Sat, 05 Jul 2008 18:24:46 +0200
+
+nautilus-python (0.4.3-3.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fix CVE-2009-0317: untrusted search path vulnerability.
+ + Added patch: 50_CVE-2009-0317.patch
+ + Closes: #513419
+ * Urgency high for fixing a security RC bug.
+
+ -- Evgeni Golov <sargentd at die-welt.net> Sun, 01 Feb 2009 23:34:17 +0100
nautilus-python (0.4.3-3.1) unstable; urgency=low
Added: packages/unstable/nautilus-python/debian/patches/50_CVE-2009-0317.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/nautilus-python/debian/patches/50_CVE-2009-0317.patch?rev=18307&op=file
==============================================================================
--- packages/unstable/nautilus-python/debian/patches/50_CVE-2009-0317.patch (added)
+++ packages/unstable/nautilus-python/debian/patches/50_CVE-2009-0317.patch Mon Feb 2 09:24:59 2009
@@ -1,0 +1,10 @@
+--- a/src/nautilus-python.c 2006-02-15 22:25:20.000000000 +0100
++++ b/src/nautilus-python.c 2009-01-29 09:46:13.000000000 +0100
+@@ -134,6 +134,7 @@
+
+ Py_Initialize();
+ PySys_SetArgv(1, argv);
++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
+
+ /* pygtk.require("2.0") */
+ pygtk = PyImport_ImportModule("pygtk");
More information about the pkg-gnome-commits
mailing list